CVE Number – CVE-2018-5241
Symantec ASG and ProxySG could allow a remote attacker to bypass security restrictions, caused by the improper handling of SAML responses that have XML nodes with comments. By modifying a valid SAML response without invalidating its cryptographic signature, a remote attacker could exploit this vulnerability to bypass SAML authentication security control.
ProxySG 6.5, 6.6, and 6.7 are vulnerable when authenticating network users in intercepted proxy traffic with a SAML authentication realm.
Patches and further details available here.
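The following is an added example, not Symantec's code; the advisory does not describe ProxySG's internals. It assumes a SAML consumer that reads an identity value from a `NameID` element, and shows why a comment inside a text value matters on the validating side: a reader that takes only the first text node sees a different string than one that joins all text nodes. A strict check that rejects comment-bearing input is included. The sample XML and all function names are constructed for illustration.

```python
from xml.dom import minidom, Node

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"

# Constructed sample inputs (not captured traffic).
CLEAN = f'<saml:NameID xmlns:saml="{SAML_NS}">user@example.org</saml:NameID>'
COMMENTED = f'<saml:NameID xmlns:saml="{SAML_NS}">user<!-- x -->@example.org</saml:NameID>'


def naive_text(element):
    """Fragile pattern: reads only the first child text node."""
    first = element.firstChild
    if first is not None and first.nodeType == Node.TEXT_NODE:
        return first.data
    return ""


def full_text(element):
    """Concatenate every text node under the element, skipping comments."""
    parts = []
    for child in element.childNodes:
        if child.nodeType in (Node.TEXT_NODE, Node.CDATA_SECTION_NODE):
            parts.append(child.data)
        elif child.nodeType == Node.ELEMENT_NODE:
            parts.append(full_text(child))
    return "".join(parts)


def comment_paths(node, path=""):
    """Return the path of every element that directly contains a comment."""
    found = []
    for child in node.childNodes:
        if child.nodeType == Node.COMMENT_NODE:
            found.append(path or "/")
        elif child.nodeType == Node.ELEMENT_NODE:
            found.extend(comment_paths(child, f"{path}/{child.tagName}"))
    return found


def check_name_id(xml_text):
    """Strict policy: refuse input carrying comments, else return the value."""
    # minidom is used for brevity; a production consumer would use a hardened parser.
    doc = minidom.parseString(xml_text)
    hits = comment_paths(doc)
    if hits:
        raise ValueError(f"comment node in SAML input at: {', '.join(hits)}")
    return full_text(doc.documentElement)
```

The two readers agree on `CLEAN` and disagree on `COMMENTED`, which is the condition worth alerting on when reviewing a SAML consumer or its logs.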